package com.siyuan.blog.web.interceptor;

import com.siyuan.blog.common.Constants;
import com.siyuan.blog.domain.system.User;
import com.siyuan.blog.service.system.ResourcesService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/**
 * 权限认证拦截器
 */
public class PermissionInterceptor implements HandlerInterceptor {

    @Autowired
    private ResourcesService resourcesService;

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        HttpSession session = request.getSession();
        User user =  (User)session.getAttribute(Constants.SK_USER);
        return true;
//        if(null == user) {  //未登录
//            response.sendRedirect(request.getContextPath() + "/login");
//            return false;
//        }else {
//            String requestURI = request.getRequestURI();
//            if(!requestURI.equals("/")){
//                //左侧菜单
//                Map<String,Resources> allResources = (Map<String,Resources>)session.getAttribute(Constants.SK_ALL_RESOURCES);
//                Resources resources = allResources.get(requestURI);
//                if(null == resources){
//                    //如果没有对应的权限则不允许 访问
//                        response.sendError(403);
//                        return false;
//                }
//
//                if((resources.getType() == Resources.TYPE_PAGE || resources.getType() == Resources.TYPE_SUB_PAGE) && resources.getUrl().split(",")[0].equals(requestURI)){
//                    request.setAttribute(Constants.RK_CURR_MENU,resources.getParentModule());  //当前模块
//                    request.setAttribute(Constants.RK_CURR_PAGE,(resources.getType() == Resources.TYPE_PAGE )? resources.getCode() : resources.getParentPage());  //当前页面
//
//                    if(resources.getType() == Resources.TYPE_PAGE ){   //如果是主页面，将主页的操作按钮权限信息获取到，用来决定按钮的显示
//                        Map<String,List<String>> pageSubResCode = (Map<String,List<String>>)session.getAttribute(Constants.SK_PAGE_SUB_RES_CODE);
//                        request.setAttribute(Constants.RK_PAGE_AUTHORIZE,pageSubResCode.get(resources.getCode()));
//                    }
//                }
//            }
//
//            //登录则放过
//            return true;
//        }
    }
}
